Title:

Kind
Code:

A1

Abstract:

A variable with block cipher using plaintext elements and masking array elements which are sometimes converted into digits in another number base. Binary bytes or digits are modified by binary rotating, shuffling of byte sequence and arithmetic/logic modification using masking arrays. For recovery of the plaintext, the ciphertext elements and masking array elements are sometimes converted again into digits and a reverse combination of rotating, shuffling and arithmetic/logic operations results in the original plaintext elements.

Inventors:

Satterfield, Richard (Wellesley, MA, US)

Application Number:

09/899355

Publication Date:

08/22/2002

Filing Date:

07/05/2001

Export Citation:

Assignee:

SATTERFIELD RICHARD

Primary Class:

Other Classes:

380/29

International Classes:

View Patent Images:

Related US Applications:

Primary Examiner:

HENEGHAN, MATTHEW E

Attorney, Agent or Firm:

CESARI AND MCKENNA, LLP (BOSTON, MA, US)

Claims:

1. Encryption/Decryption apparatus comprising: means for retrieving information to be encoded/decoded, said information defining an array D

2. The apparatus as defined in claim 1 further comprising means for permuting the order of said first and second elements being concatenated, rotated, modified, shuffled, converted and decatenated.

3. The apparatus as defined in claim 1 further comprising an array S wherein said array S is arranged to provide information, in addition to array R, for directing and controlling one or more elements of means for: combining, converting, modifying, converting the modified digits, and converting and deconcatenating.

4. Apparatus as defined in claim 1 wherein said means for combining comprises: means for arithmetic and logic combining selected from the group consisting of means for adding, subtracting, exclusive-oring, rotating, shuffling of sequence, or using a modified exclusive-or base N function.

5. Apparatus as defined in claim 4 where in said means for arithmetic and logic combining comprises means for converting into another number base.

6. Apparatus as defined in claim 1 wherein the number of first elements, D

7. A method for encryption/decrypting comprising the steps of: retrieving information to be encoded/decoded, said information defining an array D

8. The method as defined in claim 7 further comprising the step of permuting the order of said first and second elements being concatenated, shuffled, rotated, modified, converted and decatenated.

9. The method as defined in claim 7 further comprising the step of arranging an array S containing information, in addition to array R, for directing and controlling one or more elements of above steps of: combining, converting, and modifying.

10. The method as defined in claim 7 wherein said step of combining comprises the steps of: arithmetic and logic combining, wherein the arithmetic and logic steps are selected from the group consisting of the steps of adding, subtracting, exclusive-oring, rotating, shuffling, sequencing or using a modified exclusive-or base N function.

11. Method as defined in claim 10 wherein said arithmetic and logic combining comprises converting into another number base.

12. Method as defined in claim 7 wherein the number of first elements, D

13. Encryption/Decryption apparatus comprising: means for retrieving information to be encoded/decoded, said information defining an array D

14. Apparatus as defined in claim 13 wherein said means for combining is governed by the relationship, d

15. Apparatus as defined in claim 13 wherein the number of first elements, D

16. A method for encrytion/decryption comprising the steps of: retrieving information to be encoded/decoded, said information defining an array D

17. The method as defined in claim 16 wherein the step of combining at least one of the elements d

18. The method as defined in claim 16 wherein the number of first elements, D

Description:

[0001] The present application claims priority from U.S. Provisional Patent Application Serial. No. 60/216,072, which was filed on Jul. 6, 2000, by the same inventor and with the same title as the present invention, and which Provisional Application is hereby incorporated by reference.

[0002] This patent application is also closely related to pending U.S. patent application Ser. Nos. 09/019,915 and 09/019,916, and issued U.S. Pat. No. 5,717,760.

[0003] 1. Field of the Invention

[0004] The present invention relates to apparatus and methods for encryption and decryption wherein a ciphertext is generated. More particularly, the present invention is related to the use of symmetric private key encryption. Once the sender and receiver have exchanged key information, encryption of a message by the sender and decryption by the receiver is accomplished in a direct manner.

[0005] 2. Background Information

[0006] Dr. Man Young Rhee, in his book “Cryptography and Secure Communications” (McGraw-Hill, 1994) states on page 12: “A cryptosystem which can resist any cryptanalytic attack, no matter how much computation is allowed is said to be unconditionally secure. The one time pad is the only unconditionally secure cipher in use. One of the most remarkable ciphers is the one-time pad in which the ciphertext is the bit-by-bit modulo-2 sum of the plaintext and a nonrepeating keystream of the same length. However, the one-time pad is impractical for most applications because of the large size of the nonrepeating key.”

[0007] U.S. Pat. No. 4,751,733 entitled “SUBSTITUTION PERMUTATION ENCIPHERING DEVICE” describes in the abstract: “A substitution-permutation enciphering device. This device, adapted for transforming a binary word into another binary word, by succession of substitutions and permutations, under the control of a key . . . ” teaches away from the scheme described herein. The use of a substitution memory as described by U.S. Pat. No. 4,751,733 has a limitation in that this patent discloses and teaches changes only to the bits of a byte.

[0008] U.S. Pat. No. 5,001,753 entitled “CRYPTOGRAPHIC SYSTEM AND PROCESS AND ITS APPLICATION” describes the use of a rotational operator in an accumulator. The rotation operation is used to cause an accumulator bit to be temporarily stored in the carry bit, rather than in a memory location, and the carry bit (regardless of its value) is ultimately rotated back into its original position. The rotate operation is explained in detail by column

[0009] U.S. Pat. No. 5,113,444, entitled “RANDOM CODING CIPHER SYSTEM AND METHODS,” and U.S. Pat. No. 5,307,412, teach the use of a thesaurus and/or synonyms; together with arithmetic/logic operations to combine data and masks to accomplish encoding/decoding. These patents are thus limited by the use of the thesaurus and synonyms.

[0010] U.S. Pat. No. 5,412,729 entitled “DEVICE AND METHOD FOR DATA ENCRYPTION” introduces the concept of using matrix operations to multiplex the bytes in the cleartext so that a byte in the ciphertext may contain elements of more than one cleartext bytes. The patent teaches about the multiple use of a data element to create a ciphertext element. This is different from the combination of: creating a single working element by concatenating several bytes together (with permutation of sequence during the concatenation), binary rotating the resultant single element, and the breaking up the single element back into multiple bytes to be placed in an output buffer (also with permutation of sequence). Under certain conditions, a matrix presentation may be used to represent the effect of the rotation operation. However, careful examination will show that the matrix representation of the rotation operation does not follow the rules associated with a linear system and thus is quite different from this patent. This patent method is limited by teaching the multiplexes several different data elements together wherein each element may be used more than once, while the scheme herein only modifies a single data element at any one time.

[0011] U.S. Pat. No. 5,077,793 entitled “RESIDUE NUMBER ENCRYPTION AND DECRYPTION SYSTEM” teaches (column _{i}_{i}_{i}_{i }_{i}_{1}_{2 }_{n}

[0012] Pages 305 and 306 in “Applied Cryptography, Second Edition” by Bruce Schneier, John Wiley & Sons, Inc. 1996—describe the Madryga encryption method. “The Madryga trio consists of two nested cycles. The outer cycles repeats eight time (although this could be increased if security warrants) and consists of an application of the inner cycle to the plaintext. The inner cycle transforms plaintext to ciphertext and repeats once for each 8-bit block (byte) of the plaintext. Thus the algorithm passes through the entire plaintext eight successive times. An iteration of the inner cycle operates on a 3-byte window of data, called the working frame [figure reference omitted]. This window advances 1 byte for each iteration. (The data are considered circular when dealing with the last 2 bytes.) The first 2 bytes of the working frame are together rotated a variable number of positions, while the last byte is XORed with some key bits. As the working frame advances, all bytes are successively rotated and XORed with key material. Successive rotations overlap the results of a previous XOR and rotation, and the data from the XOR is used to influence the rotation. This makes the entire process reversible. Because every byte of data influences the 2 bytes to its left and the 1 byte to its right, after eight passes every byte of the ciphertext is dependent upon 16 bytes to the left and 8 bytes to the right. When encrypting, each iteration of the inner cycle starts the working frame at the next-to-last byte of the plaintext and advances circularly through to the third-to-last byte of the plaintext. First, the entire key is XORed with a random constant and then rotated to the left 3 bits. The low-order 3 bits of the low-order byte of the working frame are saved; they will control the rotation of the other 2 bytes. Then, the low-order byte of the working frame is XORed with the low-order byte of the key. Next, the concatenation of the 2 high-order bytes are rotated to the left the variable number of bits (0 to 7). Finally, the working frame is shifted to the right 1 byte and the whole process repeats.” On page 306, “Both the key and the 2 ciphertext bytes are shifted to the right. And the XOR is done before the rotations.” The Madryga method may be improved upon by a better randomizing of the order of the bytes prior to concatenation and by not storing the rotate distance information (even though it is encrypted) in the data itself. A weakness of this method is that the order of the bytes prior to concatenation is unmodified and therefore more easily broken.

[0013] U.S. Pat. No. 5,113,444, entitled “RANDOM CODING CIPHER SYSTEM AND METHODS” and U.S. Pat. No. 5,307,412, teach the use of a thesaurus and/or synonyms, together with arithmetic/logic operations to combine data and masks to accomplish encoding/decoding. These patents are thus limited by the use of the thesaurus and synonyms.

[0014] Pages 13 through 15 in “Applied Cryptography, Second Edition”by Bruce Schneier, John Wiley & Sons, Inc. 1996, provide a critique on the security inherent in the Vigenere encryption method. “The simple-XOR algorithm is really an embarrassment; it's nothing more than a Vigenere polyalphabetic cipher.” “There is no real security here. This kind of encryption is trivial to break, even without computers. It will take only a few seconds with ,a computer. Assume the plaintext is English. Furthermore, assume the key length is any small number of bytes. Here's how to break it:

[0015] 1. Discover the length of the key by a procedure known as counting coincidences. XOR the ciphertext against itself shifted various number of bytes, and count those bytes that are equal. If the displacement is a multiple of the key length, then something over 6 percent of the bytes will be equal. If it is not, then less than 0.4 percent will be equal (assuming a random key encrypting normal ASCII text; other plaintext will have different numbers). This is called the index of coincidence. The smallest displacement that indicates a multiple of the key length is the length of the key.

[0016] 2. Shift the ciphertext by that length and XOR it with itself. This removes the key and leaves you with the plaintext XORed with the plaintext shifted then length of the key. Since English has 1.3 bits of real information per byte, there is plenty of redundancy for determining a unique decryption.”

[0017] The above method for breaking a Vigenere cipher relies on the fact that XOR (base 2) is its own inverse and that the encrypting key (masking bytes) are repeated many times. The XOR is its own inverse because A XOR B XOR B=A. It is an object of the present invention to improve upon the security of the Vigenere and Variant Beaufort cipher methods by applying them not to characters directly but rather to digits representing that character in another number base.

[0018] Pages 70 and 71 in “Cryptography: An Introduction to Computer Security” by Jennifer Seberry and Josef Pieprzyk, Prentice Hall, 1989—“The Vigenere cipher. The key is specified by a sequence of letters: K=k_{1 }_{d }_{i}_{i}_{i }_{i}_{i}_{i}_{i}_{i}

[0019] Historically the Vigenere and Variant Beaufort ciphers have been applied to whole letters or characters. That is, the value (position in the alphabet) of a character has a number either added or subtracted to it (modulo the length of the alphabet) and the resultant number is used to specify a character position in the alphabet and the character at that position is sent as the ciphered character.

[0020] Herein BCN refers to the binary to base n conversion of a number and the representation of the base n number as a digit shown in binary. A common example (base 10) is BCD (binary coded decimal) where the values 0 through 9 are represented by 4 binary bits.

[0021] Herein a byte is defined as two or more bits. In typical usage a byte is considered to be, but is not limited to, eight bits.

[0022] Herein, arrays (or masks) are described as being comprised of elements. Such elements are defined as any actual or logical grouping, for example: a bit, a nibble, a byte or word of any length.

[0023] It is an object of the present invention to provide an encryption/decryption apparatus and method that does not depend upon the use of thesaurus's and/or synonyms tables.

[0024] It is yet another object of the present invention to provide an encryption/decryption scheme wherein the presentation of a character in one number base is transformed into a corresponding representation in another number base.

[0025] The foregoing objects are met in an encryption/decryption apparatus where a message or information expressed as elements or characters is to be encrypted from transmission or sending to another where the message will be decrypted using variable width block encoding. A set of masks of elements or characters are defined and utilized in the encryption/decryption. The message elements and mask elements are used in a binary form or may be converted into corresponding elements in another new number base system, where this new number base system is not binary. The converted message and mask elements are combined, element by element, respectively, thus forming a new set of elements which are defined as a ciphertext. This ciphertext may be sent or transformed into a set of elements in yet another number base that is suitable for transmission.

[0026] The foregoing objects are met in an encryption apparatus and method providing masking arrays, a byte concatenator, a barrel shifter, a byte sequence shuffler and an optional decatenator which encrypt and decrypt input data. Encoding or Decoding will consist of one or more passes through a cleartext message using the encryption mechanism described herein.

[0027] To decode the ciphertext, the same mask elements as used for encoding are combined, element by element, respectively using the inverse or reverse from that which was used for encryption, thus forming a new set of elements which when converted to a number in the original message number base is the plaintext message.

[0028] Herein XORn (XOR+ and XOR−) describes a modified exclusive-or operation (base N1) defined as: let the numbers A and B base N1 and N2 respectively be defined (for m digits).

[0029] Then, in a preferred embodiment, the elements A and B may be combined according to the following equations.

[0030] where W is an integer large enough to keep the resultant sum a positive number. For base 2, XORn is identical to the standard XOR operation. The conversion of a binary number to j digits (base n) is done by the successive division of the number by n where the remainder of each division becomes the ith digit for i=0 to j−1. The digits of a number (base n) are converted back to binary by: setting sum=0, then for i=j−1 to 0 perform sum=(sum * n)+digits. When done the result is in sum.

[0031] An advantage of the present invention is that an encryption method employing an XOR (base 2) is strengthened by the use of a base greater than 2. This is because A XORn B XORn B does not equal A (where XORn is either XOR+ or XOR−only).

[0032] Another advantage of the present invention is that each byte to be encrypted and each masking byte (key byte) in a preferred embodiment are converted from binary into a string of digits or elements base n (n>2) and the operations of equation 1 and 2 are applied to these digits in a systematic manner. One or two number bases, or moduli, is used at a time.

[0033] In a preferred embodiment of the present invention the equations 3 and 4 are used to advantage since there is no repeating key (as a key is usually thought of) because the key is now the sequence of digits resulting from the conversion of binary masking bytes to digits of another number base. The masking byte string is now not limited to a few characters, but can be a very long series of bytes. Though it would still be possible to have a repeating series of digits if the masking bytes followed a repeating sequence, the ready availability of arbitrary masking bytes in the computer environment should lessen this occurrence. These bytes may be derived from any of several digital sources including, but not limited to, the sampling of digital sources, the application of numeric hashing functions, pseudo-random number generation and other numeric operations.

[0034] In a preferred embodiment the equation 3 is used for encryption and equation 4 is used for decryption. Since these are inverse ciphers, in another preferred embodiment equation 4 is used instead for encryption and equation 3 is used for decryption. For simplicity, only the first method is shown, but the implementation of the second scheme will be understood by anyone skilled in the art.

[0035] Arbitrary and random numbers are created by normal digital processes. Most digitized music which comes on a CD-ROM is 16 bits of Stereo sampled at a 44.1 kilohertz rate. This produces approximately 10.5 million bytes per minute. Of these about one half may be used as arbitrary data bytes, or about 5 million bytes per minute. Reasonably random data byte are generated by reading in the digital data stream which makes up the music and throwing away the top 8 bits and sampling only the lower eight bits of sound to produce an arbitrary or random number. Fourier analysis on the resultant byte stream shows no particular patterns. It should be kept in mind that silent passages are to be avoided. If taking every byte of music in order is undesirable, then using every nth byte should work quite well for small values of n between 11 and 17. Please note, the error correction inherent with a music CD-ROM is not perfect and the user might want to convert the CD-ROM music format to a WAVE (.WAV) file format and then send the WAVE (.WAV) file to someone by either modem, large capacity removable drive, digital magnetic tape cartridge, or by making a digital CD-ROM containing the WAVE (.WAV) file.

[0036] Another source of arbitrary or random digital numbers may be found in the pixel by pixel modification (exclusive-oring, adding, subtracting) of several pictures from a PHOTO CD-ROM, again looking at the low order bytes. Computer Zipped (.ZIP) files and other compressed file formats can be used.

[0037] The variable width block encoder described herein may itself be used as a generator of arbitrary bytes to be use with additional copies of this scheme or in other encrypting schemes.

[0038] Is The sender and receiver must agree ahead of time on the sources to be used for the masking bytes and how these sources will be sampled and/or combined to create the masking bytes to be used to encrypt and decrypt a message.

[0039] In other preferred embodiments, the intelligent sampling of digital sources can be used to advantage to lessen the reconstruction of the byte stream used for encryption. In addition, encryption and hashing algorithms may be used to modify the digital sources prior to their use. Moreover, the modification of pseudo-random numbers for tables, arrays and/or masks may also be used to advantage.

[0040] Other objects, features and advantages will be apparent from the following detailed description of preferred embodiments thereof taken in conjunction with the accompanying drawing.

[0041]

[0042]

[0043]

[0044]

[0045]

[0046]

[0047]

[0048]

[0049]

[0050]

[0051]

[0052]

[0053]

[0054]

[0055]

[0056] Data byte to be encrypted or decrypted are placed into an input I/O Buffer. Next a predetermined number of bytes are selected from the Input I/O Buffer with a permutation of sequence and concatenated together to form a single binary data element. This data element is modified by the scheme described herein and the resulting modified bytes are placed either directly into an output I/O Buffer or placed into the output I/O Buffer using a second permuted sequence. The number of bytes, which are concatenated together to form successive input data elements may be fixed or varied during the processing of an I/O Buffer. The width of the Block Cipher is adjusted so as to match the number of input bytes used to create the input data element. All internal arrays or byte strings are ordered so that the first element is the least significant byte of a number. The size of the masking elements M(1) through M(3) may be fixed or varied during processing but the mask elements must be at least the size of the data element to be encoded. The number of bytes, W, or width of a processing operation may be determined by table lookup, a formula, pseudorandom number generation, or by some combination thereof. It is up to the implementor to decide how the width will be specified. The Rotate/Shuffle mechanism when used along with a varied number of bytes to be processed, helps obscure the underlying permutation sequence used to create the data element processed by the block cipher.

[0057] In another preferred embodiment, not shown, the Block Cipher is used as a pseudorandom byte generator where the bytes generated are used by another encryption scheme to encode data. The bytes for this other scheme may come from any of: the masking arrays, intermediate processing results, the output data element, or some combination thereof.

[0058] ED is a global 1 bit flag, which specifies whether encryption (0) or decryption (1) is to be performed by the Block Cipher. ED is used as a flag to modify the Rotate/Shuffle and Arithmetic/Logic Operations. When ED=1, the direction of rotation is the opposite of what is directed by the value of RV(i) and the inverse of the arithmetic/logic operation as designated by AV(i) is used. Similarly, when ED=1, a inverse shuffle sequence is utilized as compared to when ED=0.

[0059]

CONTROL | ||

INPUTS FOR | ED = 0 | ED = 1 |

Rotator/Shuffler | ENB1, RV(1), RSF(1), RSN(1) | ENB1, RV(1), RSF(1), RSN(1) |

#1 | ||

A/L Modifier #1 | AV(1), M(1), AMP(1), | AV(3), M(3), AMP(3), AVDN(3), |

AVDN(1), AVMN(1) | AVMN(3) | |

Rotator/Shuffler | RV(2), RSF(2), RSN(2) | RV(3), RSF(3), RSN(3) |

#2 | ||

A/L Modifier #2 | AV(2), M(2), AMP(2), | AV(2), M(2), AMP(2), AVDN(2), |

AVDN(2), AVMN(2) | AVMN(2) | |

Rotator/Shuffler | RV(3), RSF(3), RSN(3) | RV(2), RSF(2), RSN(2) |

#3 | ||

A/L Modifier #3 | AV(3), M(3), AMP(3), | AV(1), M(1), AMP(1), AVDN(1), |

AVDN(3), AVMN(3) | AVMN(1) | |

Rotator/Shuffler | NOT(ENB1), RV(1), RSF(1), | NOT(ENB1), RV(1), RSF(1), |

#4 | RSN(1) | RSN(1) |

[0060] The effect of the value of AV(1 to 3) when sent to the appropriate A/L Modifier:

AV value | Operation Performed, ED = 0 | Operation Performed, ED = 1 |

0 | Input XOR Mask M | Input XOR Mask M |

1 | Input ADD Mask M | Input SUB Mask M |

2 | Input SUB Mask M | Input ADD Mask M |

3 | Input XOR Mask M | Input XOR Mask M |

4 | Input XOR− Mask M | Input XOR+ Mask M |

5 | Input XOR+ Mask M | Input XOR− Mask M |

6 | Input XOR− Mask M | Input XOR+ Mask M |

7 | Input XOR+ Mask M | Input XOR− Mask M |

[0061] When AV(i)>=4 then XOR− or XOR+ operations are performed. These consist of converting the input data element into digits using number base AVDN(i) and Eq. 1, and also converting the mask element M(i) into digits using number base AVDM(i) and Eq. 2. These digits are then combined using Eq. 3 or Eq. 4. and the resulting digits are recombined using number base AVDN(i) into a binary number which is the output of the A/L modifier. Mask M(i) is considered to be the lowest W bytes of M(i).

[0062] RSF(i) is the Rotate/Shuffle Flag and is used to designate whether a Rotate or Shuffleoperation will occur and whether the input will be treated as binary bits or as digits (base RSD(i) using Eq. 1). Again, when ED=1, the direction for rotate operation is reversed and the inverse of the shuffle operation is specified.

RSF(i) value | Resulting DPF value and operation | Rotate or Shuffle |

0 | 0 = Binary | Rotate |

1 | 0 = Binary | Shuffle |

2 | 1 = Digits | Rotate |

3 | 1 = Digits | Shuffle |

[0063] Normally ENB1 equals NOT(ED). Therefore NOT(ENB1) equals ED. Another implementation, not shown, has the binary ENBL flag being set by an exterior user settable binary flag.

[0064] The size in bytes of the single data element to be encrypted or decrypted, DATAin 1, is designate by W. W and ED, 6, together go to all of the Rotate/shufflers and the A/L Modifiers to designate the number of bytes to be processed and whether encryption (ED=0) or decryption (ED=1) will occur. This data element, DATAin 1, is created by selecting bytes from the input I/O buffer and concatenating them together to form a single multibyte wide data element or item. DATAin, 1, is sent via 2 to Rotate/Shuffler #1, 5, where the W, 6, bytes of the data item are either rotated or shuffled as directed by ENB1, 27, [RV(1), RSF(1) and RSN(1)], 8. When ED=0 and ENB1=1, the Rotate/Shuffle operation is enabled. When ED=1, ENB1=0 and the Rotate/Shuffle #1 operation is disabled and the W bytes of the data item pass through unmodified to both IR#1, 10, and AIL Modifier #1, 11, via 44. At A/L Modifier #1, 11, the directions for the modification of the data item is are given by [AV(1), M(1), AMP(1), AVDN(1), AVMN(1)], 12, via 46 if ED=0 or by [AV(3), M(3), AMP(3), AVDN(3), AVMN(3)], 13, via 47 if ED=1. The modified data item then goes to both IR#2, 15, and Rotator/Shuffler #2, 16, via 48. The second Rotate/Shuffler #2, 16, is always enabled. When ED=0, [RV(2), RSF(2), RSN(2)], 17 via 51 control the operation if 16 else when ED=1, [RV(3), RSF(3), RSN(3)], 18, via 52 provide the control information concerning how the modified data item is further changed. The data item modified by A/L Modifier #2, 21, goes via 60 to IR#4, 24, and Rotate/Shuffler #3, 25. This rotate/shuffler is, always enabled. The data item is further modified by Rotate/Shuffler #3, 25 under the control of [ED, W], 6 via 61, and [RV(3), RSF(3), RSN(3)], 18 via 65, when ED=0 or [RV(2), RSF(2), RSN(2)], 17 via 64, when ED=1. The modified data item then goes via 66 to IR#5, 29, and A/L Modifier #3, 30. Here the data item is again modified under the direction and control of [AV(3), M(3), AMP(3), AVDN(3), AVMN(3)], 13 via 65, if ED=0, else when ED=1 then [AV(1), M(1), AMP(1), AVDN(1), AVMN(1)], 12 via 67, controls the modification. The resulting modified data item then goes via 71 to IR#6, 34, and Rotate/Shuffler #4, 35. If ED=0 then NOT(ENBI) is 0 and the rotate/shuffle operation is disabled and the data item on 71 goes unmodified via 3 to DATAout, 4. When ED=1, then NOT(ENB1)=1 and the data item is modified under the direction and control of [RV1, RSF(1), RSN1)], 8 via 72, and [ED, W], 6 via 42.

[0065] FIG

Z(i) | ED = 0 | ED = 1 | |

Z(1), 85 | IR#1, 10 via 73 | IR#6, 34, via 74 | |

Z(2), 86 | IR#2, 15 via 75 | IR#5, 29 via 76 | |

Z(3), 87 | IR#3, 20 via 77 | IR#4, 24 via 78 | |

Z(4), 88 | IR#4, 24 via 79 | IR#3, 20 via 80 | |

Z(5), 89 | IR#5, 29 via 81 | IR#2, 15 via 82 | |

Z(6), 90 | IR#6, 34 via 83 | IR#1, 10 via 84 | |

[0066] As can be seen by inspection of the above table, the effect of ED=1 is to reverse the order of Intermediate Results being directed to the temp values Z. Thus when the Z's are used to calculate formulas for updating a variable, mask, counter or pointer the results will be the same for both encryption (ED=0) and decryption (ED=1).

[0067] _{1}_{2}_{3}_{1}_{2}_{3}

_{2}_{3}_{2}_{3}

_{3}_{1}_{3}_{1}

_{1}_{2}_{2}

[0068] The calculations for CD(1) through CD(6) are similar to the above but user supplied values for D_{1}_{2 }_{3 }

[0069] Each variable and counter has a pointer associated with it to specify how the counter and variable is updated. The pointer consists of several fields. The first field is a Change Enable flag field. When set to 0, no changes are allowed in the address pointer's other two fields. Otherwise when set to 1, the other three fields may be changed when a master counter (see

[0070] When a Master Counter is decremented to zero, the counter value is reset using its pointer and all other variables and counters are updated. Where the Change Enable Flag allows it a pointer value is also updated and byte sources are enabled or disabled depending upon the bit patterns of other bits retrieved using the master pointer. A Master Counter is provided for each processing pass to provide another degree of randomness to the encryption, decryption operation.

[0071] When a Byte Source is enabled, it's Source Number, SN, is entered in the Source Dispatch Table and TNES is changed to reflect the number of SN entries in the table. When a Source is disabled, its SN value is removed from the dispatch table, the table is compressed and the value of TNES is adjusted to reflect the number of entries currently in the table. Cflag is a binary flag set non zero when a byte source needs to be computed.

[0072]

[0073]

[0074]

[0075]

[0076] From Step

[0077]

[0078] ^{RS }^{8−Rs}

[0079]

[0080]

[0081] At Step

[0082] At Step

[0083]

[0084]

[0085]